0361a5c8365fa7f1f8c421d3d00e6a52e1546b724e59159cbb0c4fd3d5d1590f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-24_14999f2ccb8742f8af6459c800c063e9_cryptolocker
Size

40KB
Sample

240124-ng5lnaghc7
MD5

14999f2ccb8742f8af6459c800c063e9
SHA1

2f48aac737fc3e4eea248f545c9b367aa5e1f6ba
SHA256

0361a5c8365fa7f1f8c421d3d00e6a52e1546b724e59159cbb0c4fd3d5d1590f
SHA512

620f58d92a564fb6c975537b27bfe508012637dc56f454b16837da7ac353a16925e2de5524b709b8cd1839e48773a9b772fe892036c2aa9519c3879b2c82f923
SSDEEP

384:btBYQg/WIEhUCSNyepEjYnDOAlzVol6U/zzo+tkq4XDIwNiJXxXunrkwIxZ932R:btB9g/WItCSsAGjX7e9N0hunrkn9mR

Score

10^/10

Malware Config

Targets

- Target
  
  2024-01-24_14999f2ccb8742f8af6459c800c063e9_cryptolocker
- Size
  
  40KB
- MD5
  
  14999f2ccb8742f8af6459c800c063e9
- SHA1
  
  2f48aac737fc3e4eea248f545c9b367aa5e1f6ba
- SHA256
  
  0361a5c8365fa7f1f8c421d3d00e6a52e1546b724e59159cbb0c4fd3d5d1590f
- SHA512
  
  620f58d92a564fb6c975537b27bfe508012637dc56f454b16837da7ac353a16925e2de5524b709b8cd1839e48773a9b772fe892036c2aa9519c3879b2c82f923
- SSDEEP
  
  384:btBYQg/WIEhUCSNyepEjYnDOAlzVol6U/zzo+tkq4XDIwNiJXxXunrkwIxZ932R:btB9g/WItCSsAGjX7e9N0hunrkn9mR
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2